| Arthur S. Alexion on 3 Mar 2004 19:02:02 -0000 |
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Paul wrote: Mark M. Hoffman wrote: I assume most on this list have read at least one issue of 2600. If you have, you may have noticed that the most effective malicious attacks involve ¨social engineering¨, not the technical exploitation of technical weakness. Some of the most effective scams involve not a single line of malicious code. Most effective viruses have had a combination of the two -- remember the ¨I love you¨ virus, etc. -- attacks that exploit human weakness to overcome a technical barrier. In that sense we are as vulnerable as any system, but AV solutions are not the answer. Common sense should be the guide. Things like don't go to lunch with root logged into a terminal. Try not to lose your Palm Pilot. Don't put important passwords on post-it notes all over the office. Use caution with installing unknown software -- software that does not come from a trusted source -- that requires root access for the install script*. Just be careful.** *I remember installing Evolution from a script that not only installed the PIM/MUA, but also changed my login manager, through me into a Gnome-only boot, and gave me an unexpected opportunity to learn about how xdm/gdm/kdm work, so that I could undo the damage. It also removed my then-beloved jpilot and replaced pilot-link with a Ximian-ized version that was incompatible with the rest of my software that relied on it. **I've taken steps like installing abiword on my windows system just so that I can view word docs that come from external sources. A save to RTF strips any trojan horses lurking in VBA code if I want to later open the file in the real word program. - -- - -- _______________________________________ Art Alexion Arthur S. Alexion LLC arthur [at] alexion [dot] com aim: aalexion sms: 2679725536 [at] messaging [dot] sprintpcs [dot] com GnuPG fingerprint
pub 1024D/ACC5BA7A 2004-01-30 Arthur S. Alexion (Art Alexion) <arthur@alexion.com>
Key fingerprint = 52A4 B10C AA73 096F A661 92D2 3B65 8EAC ACC5 BA7A
sub 1024g/328F84E6 2004-01-30
________________________________________-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFARiujO2WOrKzFunoRAvqcAJwPpu0l2wrOeuRtp3MMQ6bS412sEwCfbpC/ KrPcmIPa7yFVvJLTLFacYrc= =Sh3n -----END PGP SIGNATURE----- ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|